From owner-freebsd-hackers  Tue Mar 31 14:36:08 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id OAA13090
          for freebsd-hackers-outgoing; Tue, 31 Mar 1998 14:36:08 -0800 (PST)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from super-g.inch.com (super-g.com [207.240.140.161])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA12969
          for <hackers@freebsd.org>; Tue, 31 Mar 1998 14:35:22 -0800 (PST)
          (envelope-from spork@super-g.com)
Received: from localhost (localhost [127.0.0.1])
	by super-g.inch.com (8.8.8/8.8.5) with SMTP id RAA07481
	for <hackers@freebsd.org>; Tue, 31 Mar 1998 17:34:50 -0500 (EST)
Date: Tue, 31 Mar 1998 17:34:50 -0500 (EST)
From: spork <spork@super-g.com>
X-Sender: spork@super-g.inch.com
To: hackers@FreeBSD.ORG
Subject: NFS over TCP
Message-ID: <Pine.BSF.3.96.980331172734.6720A-100000@super-g.inch.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hi,

It's my understanding that NFS in -stable can be run with TCP as the
transport rather than UDP.

As an exercise in firewalling, I'm trying to make the entire nfs suite
work over TCP, as it seems easier to control than UDP.  Looking at
rpcinfo, mountd, portmapper, and nfsd all listen on TCP ports, and
telnetting to these ports shows that there is indeed something there
listening:

   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100005    3   udp    967  mountd
    100005    3   tcp   1012  mountd
    100005    1   udp    967  mountd
    100005    1   tcp   1012  mountd

However, if I disallow UDP traffic between the nfs server and client, I
see a whole bunch of UDP packets denied by ipfw.  I have started nfsd with
the "-t" flag on the server, and am specifying a version 3 tcp mount on
the client.  Is it possible to actually disable udp in mountd and portmap?
I couldn't find a flag for this in the manpages...

Thanks for any info,

C

Charles Sprickman
spork@super-g.com
---- 
                           "I'm not a prophet or a stone-age man
                           Just a mortal with potential of a superman
                           I'm living on"      -DB


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message